Major cyber incidents resulted in a 9% decrease in shareholder value, over and above the market – in the year following the event, according to data from Aon’s 2023 Cyber Resilience Report.
At the same time, ransomware events decreased by 16% from Q322 to Q422, however, data from the cyber and errors and omissions insurance marketplace shows an uptick in Q123.
The broker’s report serves as a guide to help business leaders benchmark their organisation’s cyber risk maturity against peers and make better decisions when managing cyber across six risk areas: cyber, operational, supply chain, insider, reputational and systemic.
“Companies have experienced new forms of volatility over the last four years, experiencing a rise in the frequency and severity of cyber threats and ransomware events, followed by a cyber insurance market with rising premiums and retentions and significant underwriting scrutiny,” said Christian Hoffman, global cyber leader for Aon.
“We observe that the C-suite increasingly sees that cyber events have the potential to impact all areas of their business. Achieving cyber resilience is a recurring theme in board room discussions and the threat is now being addressed from a holistic risk perspective.”
Aon’s global report is based on proprietary client data collected from Aon’s Cyber Quotient Evaluation (CyQu), Aon’s Ransomware Supplemental Application and Aon’s Operational Technology Application.
Elsewhere, Aon also highlighted how two in five companies reported a lack of security operations center controls, which clearly demonstrates the need for improved cyber security measures to prevent against phishing – which is known as being the most common vector for initial network access.
Another key factor to consider is that the overall cyber risk score for healthcare clients improved from 2.6 to 2.8, on a scale of 1 to 4. In 2022, for enterprise and global clients in healthcare, the overall risk profile improved from “basic” to “managed” with more than 80% of the companies reporting scores of 2.5 or higher.
“Achieving cyber and business resilience is a challenging endeavor for any organization. Through Aon’s broking and consulting capabilities, we help organizations navigate volatility and more appropriately minimize financial, operational and reputational risk,” Hoffman added.
Aon collected CyQu self-assessment scores from 2,946 client organizations spanning across Asia Pacific, EMEA, Latin America, North America and the UK in 2020 and 2022.
The study focused on six areas of risk – cyber, insider, operational, reputational, supply chain and systemic – in the finance and insurance, healthcare and manufacturing industries.
The broker also confirmed that it plans to release additional data and insights, including regional findings, later this year.
